[cpp][pistache-server] Add callbacks to authenticate http basic credentials.

Author: mowijo

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-base-header.mustache

@@ -16,11 +16,13 @@ namespace {{apiNamespace}}
 
 
     {{#authMethods}}{{#isBasicBasic}}
-    struct HttpBasicCredentials
+    typedef struct
     {
-        std::string userid;
+        std::string user;
         std::string password;
-    };
+    } HttpBasicCredentials;
+
+    typedef std::function<bool(const HttpBasicCredentials &)> BasicCredentialsAuthenticator;
     {{/isBasicBasic}}{{/authMethods}}
 
 
@@ -31,8 +33,21 @@ public:
     virtual ~ApiBase() = default;
     virtual void init() = 0;
 
+    {{#authMethods}}{{#isBasicBasic}}
+    bool canCredentialsBeAccepted(const HttpBasicCredentials& credentials) const;
+    void setBasicCredentialsAuthenticator( const BasicCredentialsAuthenticator &newBasicCredentialsAuthenticator)
+    {
+        basicCredentialsAuthenticator = newBasicCredentialsAuthenticator;
+    }
+
+    {{/isBasicBasic}}{{/authMethods}}
+
+
 protected:
     const std::shared_ptr<Pistache::Rest::Router> router;
+    {{#authMethods}}{{#isBasicBasic}}std::optional<BasicCredentialsAuthenticator> basicCredentialsAuthenticator;{{/isBasicBasic}}{{/authMethods}}
+
+
 };
 
 } // namespace {{apiNamespace}}

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-impl-source.mustache

@@ -13,6 +13,37 @@ using namespace {{modelNamespace}};{{/hasModelImport}}
 {{classname}}Impl::{{classname}}Impl(const std::shared_ptr<Pistache::Rest::Router>& rtr)
     : {{classname}}(rtr)
 {
+    {{#authMethods}}{{#isBasicBasic}}/*
+
+    Http Basic Auth
+
+    Do this in the individual classes in the constructor
+
+    this->setBasicCredentialsAuthenticator(
+    [](const HttpBasicCredentials &credentials)->bool
+    {
+        return credentials.user == "foo" && credentials.password == "bar";
+    }
+    );
+
+    or in main:
+
+    for (auto api : apiImpls) {
+        api->init();
+
+          setBasicCredentialsAuthenticator(
+        [](const HttpBasicCredentials &credentials)->bool
+        {
+            return credentials.user == "foo" && credentials.password == "bar";
+        }
+        );
+    }
+
+    or a mix.
+
+    Until you do either, protected resources will result in a 401.
+    */{{/isBasicBasic}}{{/authMethods}}
+
 }
 
 {{#operation}}

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-source.mustache

@@ -15,8 +15,7 @@ const std::string {{classname}}::base = "{{basePathWithoutHost}}";
 
 {{classname}}::{{classname}}(const std::shared_ptr<Pistache::Rest::Router>& rtr)
     : ApiBase(rtr)
-{
-}
+{}
 
 void {{classname}}::init() {
     setupRoutes();
@@ -122,7 +121,7 @@ void {{classname}}::{{operationIdSnakeCase}}_handler(const Pistache::Rest::Reque
 
     {{/bodyParam}}
     {{/hasBodyParam}}
-        {{#authMethods}}{{#isBasicBasic}}
+    {{#authMethods}}{{#isBasicBasic}}
         auto basicAuthHeader = request.headers().tryGet<Pistache::Http::Header::Authorization>();
 
         if( (!basicAuthHeader) || (basicAuthHeader->getMethod() != Pistache::Http::Header::Authorization::Method::Basic))
@@ -131,6 +130,18 @@ void {{classname}}::{{operationIdSnakeCase}}_handler(const Pistache::Rest::Reque
             return;
         }
         HttpBasicCredentials credentials{basicAuthHeader->getBasicUser(), basicAuthHeader->getBasicPassword()};
+        if( ! this->basicCredentialsAuthenticator.has_value())
+        {
+            response.send(Pistache::Http::Code::Unauthorized, "");
+            return;
+        }
+
+        if( ! this->basicCredentialsAuthenticator.value()(credentials))
+        {
+            response.send(Pistache::Http::Code::Unauthorized, "");
+            return;
+        }
+
         {{/isBasicBasic}}{{/authMethods}}
 
         {{#authMethods}}{{#isBasicBearer}}